Tag: KB2840613

Microsoft has release, May 14th 2013, during his May Patch Tuesday, two updated security advisories, two new security advisories and ten security bulletins. On the ten security bulletins two of them have a Critical security rating.

Microsoft Security Advisory 2755801

MSA-2755801,released during September 2012, has been updated. The security advisory is regarding updates for vulnerabilities in Adobe Flash Player in Internet Explorer 10. KB2840613 has been released for supported editions of Windows 8, Windows Server 2012, and Windows RT. The update addresses the vulnerabilities described in Adobe Security bulletin APSB13-14.

Microsoft Security Advisory 2820197

MSA-2820197 update includes kill bits to prevent Honeywell Enterprise Buildings Integrator and SymmetrE and ComfortPoint Open Manager ActiveX controls from being run in Internet Explorer.

Microsoft Security Advisory 2846338

MSA-2846338 concern a privately reported security vulnerability, CVE-2013-1303 (9.3 CVSS base score), in Microsoft Malware Protection Engine that could allow remote code execution if the Microsoft Malware Protection Engine scans a specially crafted file. This vulnerability has been publicly disclosed as a denial of service. Only x64-based versions of the Malware Protection Engine are affected.

Microsoft Security Advisory 2847140

MSA-2847140, released May 3rd 2013, has been updated. The security advisory concern Microsoft Internet Explorer 8 remote code execution vulnerability (CVE-2013-1347) used in targeted attacks against United States Department of Labor (DOL) Site Exposure Matrices (SEM) and other websites. Microsoft has issue MS13-038 to address the vulnerability.

MS13-043 security update, classified as Important, allowing remote code execution, is the fix for one privately reported vulnerability in Microsoft Office. CVE-2013-1335 (9.3 CVSS base score) was discovered and privately reported by Will Dormann of the CERT/CC.